﻿<?php
header('Content-Type: text/xml');
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

echo "<?xml version='1.0' encoding='UTF-8'?>";

$con = mysql_connect("localhost","cubeMass_f","cubeSelectNow");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
// Create table in my_db database
mysql_select_db("cubeMass", $con);
session_start();

if($_POST["state"]=="loginIn"){
		$password = MD5($_POST['password']);
		$result = mysql_query("SELECT * FROM user WHERE name = '$_POST[userName]'");
		$row = mysql_fetch_array($result);
			if($row['password'] ==  $password){
				$_SESSION["user_id"] = $row['ID'];
				$_SESSION["name"] = $row['name'];
				$ip=@$REMOTE_ADDR;
				$nowTime = date("Y-m-d H:i:s");
				$nowLoginTimes = $row['loginTimes'] + 1;
				$sql = "UPDATE user SET lastLoginTime = '$nowTime',
										lastLoginIp = '$ip',
										loginTimes = '$nowLoginTimes'
										WHERE ID = '$row[ID]'";
				mysql_query($sql);
				echo "<loginIn>";
				echo "<info>ok</info>";
				echo "<id>$_SESSION[user_id]</id>";
				echo "<name>$_SESSION[name]</name>";
				echo "</loginIn>";
			}
			else{
				echo "<loginIn>";
				echo "<info>wrong</info>";
				echo "</loginIn>";
			}
	}
elseif($_POST["state"]=="loginOut"){
	unset($_SESSION['user_id']);
	echo "<loginOut>";
	echo "<info>offSuccess</info>";
	echo "</loginOut>";
	}
elseif($_POST["state"]=="signState"){
	if($_SESSION['user_id']){
		echo "<signState>";
		echo "<info>ready</info>";
		echo "<id>$_SESSION[user_id]</id>";
		echo "<name>$_SESSION[name]</name>";
		echo "<model_id>$_SESSION[model_id]</model_id>";
		echo "</signState>";
		}
	else{
		echo "<signState>";
		echo "<info>nobody</info>";
		echo "</signState>";
		}
	}
	
mysql_close($con);
?>





















